Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Using Javascript (Score 1) 66

obj.message = "I <3 Javascript";

My condolences. Personally I loathe code that messes with variables in far-away objects, if it's a huge program you should call obj.setMessage( "I <3 Javascript" ); I don't know how much time I've wasted trying to track down WTF just did something compared to just setting a breakpoint on or printing a debug line in "setMessage()" to see what's happening from where. Yes, setters and getters are annoying copy-pasta code but it's a wonder for sanity. Same with stored procedures and databases, if something is done from many different places route it through one procedure. Even if it's done wrong, then at least it's done consistently wrong.

Comment Re:Why not? (Score 2) 87

Hmmm - prison = food, clothing, shelter, in some cases a good gym membership and now your own tablet with internet and skype and probably easy access to porn. What's the deterrent to crime then?

The conditions in prison are rarely effective as a deterrent anyway, either people think they'll get away with it (typically theft, burglary, mugging, robbery, trafficking illegal goods, fraud, embezzlement and related crimes) or crimes of passion (rage, lust, envy mostly, often combined with being drunk or high - most violent crime, rape and murder) where they're not thinking rationally of consequences. While there are certainly repeat offenders there's also many first-time offenders that have no real concept of what doing time is like or small time criminals that confuse being off the streets for a few weeks on minimum security with being locked up for years.

And most criminals don't return or not return to prison because of how the conditions are on the inside. They return because they don't really see any alternatives to the life they have on the outside. No money, no job, no CV or work history, so it's back to stealing or peddling drugs on the street corner. Or they have impulse control or substance abuse issues that don't just disappear with time. And if prison is some horrible hellhole then you have these "nothing to lose", "never going back" people who will do anything to get away with it and fight the police until they die in a rain of bullets from a SWAT team. They need to see that there is another way, in prison and after prison. Not everyone will want to change, but you can't whip them into changing.

Getting proper apples-to-apples numbers on the effect of treating prisoners humanely is very difficult, but it generally varies from "it helps" to "it doesn't hurt", there's really very little to suggest it makes things worse. It's mostly a matter of whether it's money worth spending. Here in Norway we created what the international press called "the world's most humane maximum security prison" but mainly it's that it is built like a normal living quarters like a dorm room or hotel room. No escapes, very low tension even though it's murderers and rapists. Even gangs keep the peace inside the prison, it's like everybody is on time-out. And quite many find they like it better than the life they had.

Comment Re:Fait Acompli? (Score 1) 174

And that is the real issue here: with the DMCA, and now with patents, these fuckers are trying to create some sort of bizarro-world where Imaginary Property is not only no longer imaginary, but somehow actually superior to the right to own actual property!

You say that as if this is something entirely new. Welcome to 1873:

Unlike the analogous first-sale doctrine in copyright, the patent exhaustion doctrine has not been codified into the patent statute, and is thus still a common law doctrine. It was first explicitly recognized by the Supreme Court in 1873 in Adams v. Burke. In that case, the patentee Adams assigned to another the right to make, use, and sell patented coffin lids only within a ten-mile radius of Boston. Burke (an undertaker), a customer of the assignee, bought the coffin lids from the manufacturer-assignee within the ten-mile radius, but later used (and effectively resold) the patented coffin lids outside of the ten-mile radius, in his trade in the course of burying a person.

Here's copyright in 1908:

The [first sale] doctrine was first recognized by the Supreme Court of the United States in 1908 (...). In the Bobbs-Merrill case, the publisher, Bobbs-Merrill, had inserted a notice in its books that any retail sale at a price under $1.00 would constitute an infringement of its copyright.

Sadly they won the biggest battle, except for open source 99.999% of all software is licensed through an EULA not copies sold like a book so you don't have any property rights to begin with. If you wanted to really restore the consumer-manufacturer balance the first thing you should do is create a "Digital Sales Act" that basically says if it walks, talks and quacks like a duck it's a duck. Once you start invalidating most shrinkwrap and clickwrap licenses then you can start talking consumer rights.

Comment Different level (Score 3, Insightful) 88

I suggest you read up on what sudo is capable off. You can easily setup sudo via its configuration file (/etc/sudoers) that will allow users that require elevated privileges (eg. Database and Web Administrators) to do their work without needing root access.

The parent poster was referring to a different approach to security.

with sudo, you set up a list of commands that a database or web admin can run.
you limit user access by restricting which commands the user can run. But said commands will be run with root privileges.
In case of a bug in the command, you could use it for privileges escalations (*you* were only restricted to run this command. but *this command* runs as root and could do anything).

what the parent refers to is more closely related to the various "CAP_*" capabilities used in the linux kernel.
i.e.: even if you run a command as root, that command would never, even in the case of a bug, reconfigure the network interface, because the corresponding CAP_{blah} capability isn't enabled.
By carefully crafting a very precise set of capabilities that you hand out to administrative programs, you make sure that they only do what they are supposed to do, even if an attacker manage to find a way to force a program running as root to do arbitrary actions.

(It's a bit similar like how some smartphone apps come with a whitelist of API calls that you need to validate before installing : "can access your contacts list", "can access your webcam", etc. Even if the weather app get hacked, it can never be used to spy on you, because it's not whitelisted to access your mic and your cam... Well except that nowadays every single last app seems to be obliged to ask access for nearly anything (Hey, now your Weather app can automatically recognise the city you're travelling into simply by flashing the QR code of your travel ticket ! Needs cam privileges !).
Under Linux the same granularity exists, except that this done at the kernel API level, instead of the Java user libraries like on Android)

In the past few years Windows has been implementing similar restrictions. That's what the poster was referring to.

On Linux, the facility to apply this king of control exist in the kernel too (the various capabilities). But there aren't many software using them. I only know of SELinux and AppArmor. And they are not used system-wide, but only to put specific software into cages (those software for which they have rulesets).

I think this is dues to the fact that the basic user/group access rights of Unix can provide already quite some security if you take the time to organise enough granularity in your groups and memberships, instead of making everything restricted to root-only and needing thus to be root for nearly any action.

(Because of the Unix philosophy, lots of things are represented in unix as files. Therefore, lots of the actions controlled by capability can be mapped to file accesses (e.g.: to device files in /dev/ ). Putting correct group access on files can acheive the same results.
e.g.: a virtual machine might need USB passthrough. One way would be to grant the corresponding capability to it.
The way VirtualBox does it, is that it runs as "vbox" goup, and there's a script that hands out USB devices nodes with that as group access)

In practice, distributions such as Debian have been using tons of specific groups to control access to specific resources precisely, years before SELinux was a thing.

Comment IPv6 benefits (Score 1) 51

What are the reasons for an ISP to do IPv6?

There are tons of advantage of IPv6 over IPv4.
One of them being a vast supply of addresses (128bits vs. the overcrowded 32bits of IPv4).
It's auto-configured (you just plug a device into a network and it automatically gets IPv6 working. Routers directly hand out prefixes, no need to organise stuff through DHCP. In IPv6 DHCPv6 is only used to hand out configuration options)
Every device gets a single address that is routable anywhere on the internet. (No need of NATs, masquarading, and private address ranges).

People still can go to Google with IPv4, so no reason there.

...for now. As IPv4 address space gets depleted you'll soon reach the point where some machine are only IPv6 addressable, and thus some servers can only be accessed over IPv6.

They would need to invest and that is never a nice thing to do.
They need to replace a lot of hardware or at least reconfigure it and that will cost money.

Nope. The whole point of technologies like 6rd is that you deploy IPv6 as a tunnel over the IPv4 infrastructure that you already have.
No new hardware needed (beside the tunnel server), specially not needing to replace the thousands of expensive routers scattered accross the city that you cover with your services.

As a business I would also be against it.
I hope I am wrong and somebody can tell me a lot of advantages that would make them money, save them money or a combination of both.

That the problem with IPv6. There isn't a simply clear immediate money benefit. The benefit isn't ultra-short term.
The benefits are instead long-term : IPv4 is an old technology that is slowly reaching its limits (e.g.: number of available addresses) and that requires more and more layers to circumvent (e.g.: NAT to get around addresses limitation. e.g.: using relay servers on the cloud instead of devices talking p2p with each other, etc.)
From a technological point of view, we are running straight against a wall. But ISPs are complaining that they are not going make tons of money immediately by switching to IPv6 so they stay on course headed for the wall collision.

Comment End effect : No (or at least less) cloud (Score 1) 51

One very direct effect of all of the above :

You won't be required to use cloud service for every single small thing you need to talk to.
(security cameras, weather station, talking toy, etc.),
instead you can trivially access any gizmo directly over the web simply by opening it in your router/firewall.

IPv4 remote access : you need to sign up an account at their service. You gizmo and the app on your smartphone are constantly talking to this server.
This makes a big central failure point : the company server can get hacked, leading to thousands of account information leaking (see HaveIBeenPwnd for your weekly example), or if the device is insecure that's a single point from which to attack all devices. Also if the company goes belly up and the server is shut down, your gizmo becomes an expensive brick.
And these kind of server still costs a little bit of money, so either you're going to need to pay for the service. Or you're going to get ads-bombed as shit.

IPv6 remote access : you need to open a port (or a whole device) in *your* router. Your smartphone app is directly talking to your gizmo without any 3rd party getting involved.
There's no big server with a treasure trove of personal data to leak. If attackers want to hack an insecure gizmo, they need to find them one by one on the web.
Even if the company fails, you can still use your app to talk to the device, you don't rely on a 3rd party server.
There are no server costs to cover.

(Previously, similar things would have required fiddling with NAT, port forwarding and other such remapping to get done on IPv4. Trivial for most /.ers, but not necessarily with random users).

Comment Re:Fait Acompli? (Score 4, Interesting) 174

Is the author high, or trying to sneak in support for an invalid patent, or just plain confused? Patents affect who can make a product. Not the sale or use of the item after the initial manufactures sale.

35 U.S. Code 271 - Infringement of patent

(a) Except as otherwise provided in this title, whoever without authority makes, uses, offers to sell, or sells any patented invention, within the United States or imports into the United States any patented invention during the term of the patent therefor, infringes the patent.

Use is in general covered. The court has in 1992 upheld this:

The plaintiff in the case owned a patent on a medical device, which it sold to hospitals with a "single use only" notice label. The defendant purchased the used devices from hospitals, refurbished them, and resold them to hospitals. The Federal Circuit held that the single-use restriction was enforceable in accordance with the 1926 General Electric case,

But now it's not so clear:

The 2008 Supreme Court decision in Quanta Computer, Inc. v. LG Electronics, Inc., arguably leaves unclear the extent to which patentees can avoid the exhaustion doctrine by means of so-called limited licenses (...) At least two district courts have concluded that Mallinckrodt is no longer good law after Quanta.

Can you avoid patent exhaustion by only giving a limited patent license? There is no clear answer in law, it's a common law doctrine. If they go back to the 1992 decision and say we meant that, the Quanta case was different then single use cartridges will be legal. The Quanta case was more if the product embodies all the essentials of the patent, the right is exhausted. In which case the sticker doesn't bind anyone else from reusing the cartridge.

Comment Re:Given that Venezuela's economy is tanking (Score 1) 82

because of a temporary drop in oil prices (we're a long way off from oil becoming worthless) why the heck are they doing so bad? I'm not gonna chuck if up to gov't corruption because _everywhere_ has that. Usually the rest of the world will send some aid to a country floundering like this. Heck even Greece got some. Did they piss everybody off somehow?

As I understand it the main problem is that the shortages and massive inflation means that most people spend most of their day standing in line for the scraps rather than do anything productive. And when they do get to buy some subsidized goods they overbuy and go to sell them on the black market, which means even more time is wasted on finding places to buy, places to sell and bartering. Running any kind of shop is pretty hopeless because you can't get reliable supplies or reliable customers or pay reliable wages. If you want anything done it's bribes, that again don't do anything productive.

Nobody will give a country loans without concessions and Chavez won't give any. Since the country is reduced to pretty much a giant money sink it's hard to see how anyone sane would invest in that economy. The only half functioning market is the black market, where anything is available to those who can pay but that too is running on fumes because so few still have money to buy with. Those who have money can get to do and have pretty much everything they want though, almost everything and everybody is for sale.

Comment Re:Please stop (Score 1) 237

It's a major problem in technology that really needs to be addressed if this country is going to be competitive in the future. It's unfortunate that it's so inflammatory, but it needs to be addressed.

Somehow I doubt it's particularly bad in the US tech industry compared to other countries, maybe there's more lawsuits but that's the American way. Anyway I think there's two quite different forms of sexism:

1. The belief that one sex is much better at something than the other by nature of their sex.
2. Inappropriate sexual comments/jokes/propositions that belong in locker rooms or on Tinder.

I'm pretty sure the first one is mostly dead and buried in the western world, at least I've never met anyone that has hinted to a natural order where doctors, engineers and mechanics are men and nurses, secretaries and hairdressers are women. Slight surprise yes, but no more than finding a man in a female-dominated occupation and never questioning their capability.

The second kind, well IT tends to attract people who are short on social antennas. Not that they're particularly wanted, but they don't get work in "people jobs" but as long as they can operate a computer they can do a tech job. That often means they haven't bonded on an emotional level and only think about women as objects for sex. Maybe they have experience from casual sex or prostitutes that reinforce that view.

Then there's the whole man-woman dynamic, for the most part men want sex and women relationships so the proposal is likely to be far more sexual. When a woman indicates she's attracted, most men will be flattered. When a man indicates he's attracted, many women will be insulted. Basically I think women in general are far more sensitive about unwanted sexual attention or objectification than men are.

P.S. Once me and one male, one female coworker had a conversation that started about her "cracking the whip" and it took a BSDM turn. And even though tolerances are higher here than in the US, I was wondering if this one had gone out of bounds. Then she took it to the next level with one of our other male coworkers as her leather gimp and a strap-on. I guess he should be the one suing about sexual harassment, if only he knew...

Comment Re:Top four comments (Score 1) 190

Man, you're completely wrong. The Earth doesn't have a population limit. 8 billion is no closer than 1 billion. We can all live comfortable, luxurious lives. The problems we're facing have nothing to do with resource exhaustion (aside from petroleum), but inefficiency and pollution. We can absolutely produce goods without air pollution. We have sources of essentially limitless energy. We can absolutely use nuclear reactors to ship goods - no need for bunker oil. It's a question of economics and political engagement.

Cool. Get back to me when you've convinced the world to put a potential nuclear meltdown in every town and every cargo ship and drive EVs so they can use it for charging. Back in the real world, CO2 levels keep going up, up and away as countries like China go modern. After that comes India, Brazil and the rest of the developing world. Even if the population boom has subsided we'll still hit 10 billion people, that's another 33% growth.

The people who talk about reducing emissions are smoking crack, we're likely to double the world's CO2 emissions in the next 40 years if the technology doesn't evolve. Make that quadruple if everybody decides to pollute as much as Americans, because if they can why can't we? Whatever improvements we make will only make the explosive growth slightly less explosive unless we invent a working fusion reactor or something. Say what you want about nuclear but in the public opinion it's beating a dead horse. We're shutting existing reactors down, not building new ones.

Comment People don't understand what goes into making..... (Score 1) 361

He basically argues that it's not fair because people don't understand what goes into making these things.

As if the fact of effort being expended ENTITLES him to monetary earnings somehow.

A lot of people don't understand what goes into building a house either.

But if the thing's drafty, you have holes in the walls you can drive a forklift through, the house is settling crooked, you have mold in various areas, using electricity in the home starts fires, BUT THE CARPETING IS TOP FUCKING NOTCH, people are going to call bullshit and not patronize your home building business or buy your latest built home.

Are you going to bitch about a review site where your former customers outline all the shit you did wrong in THEIR homes?

And Rotten Tomatoes is nothing more than a dispassionate aggregation of the general public's response to your film. It's not as if the site has it out for you.

But no. Ratner just wants a bigger payday. Because Ratner thinks that he was dealing with a bigger bunch of IP on a bigger budget. Therefore his overall renumeration should be N+1 of whatever he ACTUALLY gets.

Fuck him and the dolly rig he rode in on.

Comment Re:Research to extend lifespans should be banned (Score 1) 123

Correlation or causation? After all, education and prosperity are in that mix too.

Mostly correlation I think. The whole "have enough kids that some grow up" is driven by need, not love. It's not like parents consider them replaceable as human beings as if they have a spare. The need to have your kids support you in your old age is primarily economic, if you have a public system you get help and if you have private money you can hire help. So prosperity -> money for care of elderly, healthcare -> lower child deaths -> double effect of lower risk and less need. I think that's also why there's such a delay and population bulge in the transition, people have to see that hey these people had two kids and they're doing okay now as elderly, do we really need five more?

Slashdot Top Deals

1 Dog Pound = 16 oz. of Alpo